Understanding flashing and locked/unlocked bootloader - Sony Cross-Device General

Hello!
I have some questions about understanding how the locking 'mechanism' of the bootloader works.
Okay, so with a locked bootloader, when I download a stock firmware ROM through XperiFirm (e.g.) and flash it with Flashtool, how does the phone then know that the firmware files are 'stock' and unmodified from the manufacturer?
What if I extracted the files from the FTF file and then manually flashed them with the fastboot flash command, would I still be able to do it then?

/ramdisk and /TA-DRM-keys are the two criteria in separating LBL and UBL.
And it is impossible for you to flash any content (except unlocking bootloader) via fastboot if you have a LBL.

Are the DRM keys calculated based on some algorithm, so they are comparable to the rom files then? Or why can't you just copy this partition over?

Linkdk said:
Are the DRM keys calculated based on some algorithm, so they are comparable to the rom files then? Or why can't you just copy this partition over?
DRM keys are keys that include the IMEI and other device-specific keys; that's why flashing another device's DRM keys bricks yours.

Related

[Knowledge Base] Introduction to the Sony (-Ericsson) Xperia Galaxy

But... why?
Well, many people like and buy the Xperia line of devices currently on the market who previously owned a Samsung, LG or HTC. There are many differences in hardware, but most certainly in how Sony perceives the Android ecosystem and how it differs from the other major brands. This (noob) guide is meant to help people on the path to the Sony side. I'm sure it contains lots of info which is even useful for the old timers.
Things which differ a LOT from the other brands:
First and foremost: no recovery partition;
Second but not least: no download mode.
Sony has replaced the Android recovery partition with the FOTA kernel, which is meant to aid the device in rolling out OTA updates, which allow kernel updates without the risk of bricking the device. I hear you scream: "But wait, what about the recovery partition announcement by Sony themselves!?", well the answer is simple: that is meant for unlocked bootloader devices ONLY, as a part of their "Open Devices" program.
What is Flashmode, Flashtool and what are these FTF and SIN files I am reading about?
I'm going to quote @Androxyde here (it's a straight copy of his index page), as he is the maintainer of the tool:
Flashtool is a S1 flashing software that works for all Sony phones from X10 to Xperia Z Ultra. They all use the S1 protocol for flashing firmwares.
This program was originally made to flash sin files downloaded by SEUS/SUS or PC Companion.
Based on a command line tool written by @Bin4ry (Andreas Makris), I brought a user interface to sin files flashing.
We worked together to add more features to the tool such as rooting methods implementation or TA backup / restore.
Then I took the lead and got some advice and help from him occasionally on some features like rom cleaner or bootloader unlocking.
From time to time, sin files have been bundled into what is now well known FTF (Flash Tool Firmwares) and more features have been implemented.
But flashing firmwares is still the core of Flashtool (that is updated at least to follow Sony improvements around sin files) and the reason of its name.
Flashtool can also easily unlock the bootloader of the phone using the BLU icon as far as the bootloader of your phone is unlockable
The flashing feature as well as bootloader unlock feature are available whatever the phone is recognized or not by the application. What is only mandatory for flashing is to own the FTF file according to the device you want to flash it on.
Why should I use Flashtool?
Once bootloader unlocked, official sony tools do not work anymore.
Using official sony tools, you can only upgrade. No downgrade possible.
Using flashtool, you can choose what to flash and what not to flash. This said, many rooting scenarios are available implying kernel only downgrade to retrieve a patched rooting exploit and then flash back the right kernel.
You said unlocking bootloader?
This process gives you the opportunity to flash custom roms such as CyanogenMod ROMs.
I invite you to visit the FXP Project that brings CM and AOSP to xperia devices.
To complete this explanation, Sony devices know 2 bootloader based flash modes:
Flashmode (This is the S1 flash protocol @Androxyde wrote about)
Fastboot (This is the original, unmodified fastboot mode from Google)
In the past there was the Sony-Ericsson Update Software/Service (SEUS, later named SUS because Ericsson got removed from the name) which could update your device to the latest software or recover it from an inoperable state. PC Companion was less of a tool for updating and more of making backups, installing applications and managing the device storage. Sometime in the past 3-4 years Sony merged the 2 programs, so if people on XDA or anywhere on the web talk about using PC Companion to restore their device, they are not wrong, they are simply using the latest version.
Sony recently released their own package called 'flash tool' (to add to the confusion of noobs in the community), which deep down is a little easier to use and stripped down version of EMMA, which is a tool we mere mortals will probably never use as EMMA is the flash tool for Sony's repair shops and tech support. Its primary function is to allow owners of an unlocked bootloader device (or, 'open device' as Sony named it) to still use Sony firmwares and update their device, because as soon as you unlock the bootloader, the OTA updates will stop.
Things to remember on the files used by these tools:
An FTF file is basically not more than a ZIP archive containing multiple SIN files, you can open the FTF using 7z/WinZip/WinRar and look inside it.
A SIN file is a disk/partition image, which is encrypted by Sony. S1 (the bootloader) will check this encryption to make sure the image was not tampered with before it accepts it for flashing.
Fastboot flashing will always fail when the device is still in a locked bootloader state. For some models it is even disabled entirely or non-functional until you unlock the bootloader.
I am reading about the TA, what is it, why should I make a backup?
The TA partition (Trim Area) is a signed partition which holds various things which are unique to your device, like the device's IMEI, DRM keys and bootloader settings and configuration options. This partition can not be exchanged between devices, because it really is unique. If you would flash the TA backup from someone else it will cause a hard-brick rendering your device only useful as a paperweight...
When you unlock your bootloader you will lose all the DRM features on your device, this makes it valuable to have a backup of the unmodified version stowed away somewhere safe. You will need root level access to create that backup before unlocking. There is a tool called Backup TA which is widely used to create and restore backups of the TA partition. TWRP in XZDualRecovery can do the same.
When you restore the backup TA partition you made before unlocking the bootloader you will essentially re-lock the bootloader and restore the DRM keys. This process is (as far as we know up to now) undetectable by Sony's support staff, which makes it easy to restore the phone to stock for warranty driven support issues as unlocking your bootloader will void your warranty on the device (it is subject to local law though). That is why, for a lot of owners of a Sony device at least, it is considered to be the "Holy Grail" and is usually the reason for a lot of users to wait for a root exploit to be found before unlocking their bootloader.
Okay, I get it now. I would like to unlock my bootloader, how to proceed?
I'm not here to rewrite everything other people or Sony themselves can write just as well or even better, so I have a link for you:
http://developer.sonymobile.com/unlockbootloader/
Read it, it will teach you just about everything you need to know.
Once your bootloader is unlocked, your device will be much like a Nexus device when it comes to rooting, excluding the recovery partition, so that's why we flash or hotboot a custom kernel with a recovery, by using fastboot. If you are afraid of a terminal and typing commands, you can use a tool like QuickIMG or Flashtool to make your life easier.
Right, now I want root!
Well, if you have an 'open device', this is a lot easier than you think. Just remember that using root exploit kits is unnecessary and in some cases even risky as some packages do funky things or jeopardize your privacy.
Try to find a 'stock based' custom kernel. These are custom kernels built by the community to add features to the kernel but are meant to work with Sony's stock firmwares. I'm the maintainer of XZDualRecovery myself and created the Kernel Builder for the supported devices.
These custom kernels will NOT root your device (unless otherwise stated by the creator), but introduce a recovery to the boot process and with that you will be able to flash SuperSU to root your ROM.
But you just said Sony devices don't have a recovery partition, please... UN-confuse me!!
Yes, I did, and I'm right: there have been bright minds in the community who included a recovery in the boot image (the kernel partition) in the past and that way included a recovery on our Sony devices.
With the current 'open devices' policy from Sony, we now have:
Recovery stored inside the system partition, which is meant for locked bootloader devices (closed devices) because they can not run custom kernels;
Recovery stored in the boot image (for open devices);
Recovery stored on the FOTA partition, but with a trigger from the regular boot image at boot (also for open devices);
Recovery stored on the FOTA partition -renamed to recovery- together with an updated bootloader (for open devices, of course).
Hmm, okay... it's still confusing, but OK. My service menu says I'm rooted, but none of the root apps work properly, what gives?!
If you open the phone dialer app and on the keys see the letters below the digits, you can spell the word SERVICE. Type *#*#SERVICE#*#* and a service menu will pop up. Tap 'Service Info' and then 'Configuration'. Then you will see one of these lines there almost on the bottom of the list:
"Rooting status: unknown": it's probably unlocked, but it was unable to verify that;
"Rooting status: rooted": you have unlocked the bootloader;
"Unlock bootloader allowed: YES/NO": this tells you if the bootloader is (vendor-) locked or not, if it says NO, you're out of luck.
The rooting status there is not telling your system is rooted, it tells you your bootloader is and will allow custom rom/kernel flashing. Don't confuse these two.
I'm not allowed to unlock my bootloader. But I still want root, can I?
In some cases you can. It depends on the bugs found in specific firmware versions which allow a root exploit to be developed.
From the 2015 range of Xperia devices Sony started using dm-verity, which causes a bootloop once the system partition is modified. This modification of the system partition will be required to include a SU binary in the system to obtain root, so until a dm-verity defeating option is found, locked bootloader root or recovery will not be possible.
For older models, check the device forums and the cross device development forums to check out the community rootkits available. Usually it will tell you what ROM version it is intended for. Be careful with rootkits/roottools though, some are also found to be introducing malware to your device or sending privacy sensitive data to the creators. Use common sense, if you have no valid use for the root user level, keep it off your phone. If you already have recovery, you can use that to modify or clean your device instead.
I have rooted my phone, but whenever I try to modify something on it it spontaneously reboots or I get a message "Permission denied" when trying to remount the system partition R/W! Why is that?
Like all manufacturers, Sony tries to make it difficult (or downright impossible) to modify the Android base system they created. Because if you can, anyone or anything which obtains root access can. This is a serious security risk, because if it's malware which puts itself on the system partition and locks up your phone, the only way around this is to wipe your entire device and restore a stock ROM using PC Companion or Flashtool. Of course, they have their own proprietary software to protect as well, but security is the main objective here. The really sensitive bits are stored in the TA partition as I explained earlier.
Sony (-Ericsson) had a service called RIC, which in time moved partially into a kernel feature. What it does is monitor if system is remounted writeable. This usually is a situation you want to avoid at all costs so RIC will deny you permission, cause a kernel panic OR simply reboot your device to get out of that state.
"Remount-Reboot fix", RICKiller, RICDefeat, and XZDualRecovery all (attempt to) disable this service or stop the kernel from acting on a remount of system.
Hard-bricks, Soft-bricks, bootloops??
They are simple to understand, really:
Hard-brick, TYPICALLY NOT RECOVERABLE: The bootloader stopped functioning, this can be caused by a bad flash/update or by restoring the wrong TA backup.
Soft-Brick, ALWAYS RECOVERABLE: the system partition is corrupted or just simply empty, this causes the device to stall at boot. A soft-brick can also make the screen remain off, because of a bad or missing kernel image.
Bootloops, ALWAYS RECOVERABLE: If the system gets powered up and then reboots during the start. This can be at the kernel splash screen or during the boot animation.
In case of a Soft-brick or Bootloop:
Use the installed recovery (if it still works), PC Companion, QuickIMG or Flashtool to restore your device to working order.
In case of a Hard-brick:
You can never recover from that state without physically opening your device and doing some heavy duty engineering (JTagging) on it to flash back the correct bootloader/TA (read that link to see what it would take!). This is way too difficult for 98% of the community, which means that hard-bricking your device is typically the creation of a very expensive paper weight.
Please, be extremely careful when dealing with the TA partition.
*********************************************
I will be updating the above text for sure, if you feel anything is missing, please write a post in this thread with the text you wish to include. I want this to be a community driven guide and I know a lot, but I can't know everything.
*********************************************
Extended the text some more to include ideas from:
@Klaos3000
@Yenkazu
Thanks for the suggestions/additions guys! :highfive:
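The guide above notes that an FTF is a ZIP archive of SIN files. The following added example (not part of the original post and not Flashtool code) inventories such an archive on the host and compares member hashes against a manifest recorded from a known-good copy. The member names and contents are constructed, SIN files are treated as opaque blobs, and the manifest layout is an assumption of this example.

```python
import hashlib
import io
import zipfile
from pathlib import PurePosixPath


def build_sample_ftf(members):
    """Build an in-memory ZIP standing in for an FTF (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()


def inventory_ftf(ftf_bytes):
    """Return {member: {"size", "sha256", "is_sin"}} without extracting to disk."""
    entries = {}
    with zipfile.ZipFile(io.BytesIO(ftf_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename
            parts = PurePosixPath(name).parts
            # Refuse names that would escape the target directory if extracted.
            if name.startswith("/") or "\\" in name or ".." in parts:
                raise ValueError(f"unsafe member path: {name!r}")
            # A ZIP may legally carry two entries with one name; treat as suspect.
            if name in entries:
                raise ValueError(f"duplicate member: {name!r}")
            digest = hashlib.sha256(zf.read(info)).hexdigest()
            entries[name] = {
                "size": info.file_size,
                "sha256": digest,
                "is_sin": name.lower().endswith(".sin"),
            }
    return entries


def make_manifest(entries):
    """Reduce an inventory to {member: sha256}, the form stored for later checks."""
    return {name: meta["sha256"] for name, meta in entries.items()}


def diff_against_manifest(entries, manifest):
    """Report members that changed, disappeared or appeared versus the manifest."""
    report = {"modified": [], "missing": [], "unexpected": []}
    for name, expected in manifest.items():
        if name not in entries:
            report["missing"].append(name)
        elif entries[name]["sha256"] != expected:
            report["modified"].append(name)
    report["unexpected"] = [n for n in entries if n not in manifest]
    for key in report:
        report[key].sort()
    return report


if __name__ == "__main__":
    # Constructed reference archive and a second copy that differs from it.
    reference = build_sample_ftf({
        "kernel.sin": b"K" * 64,
        "system.sin": b"S" * 64,
        "loader.sin": b"L" * 64,
    })
    manifest = make_manifest(inventory_ftf(reference))

    downloaded = build_sample_ftf({
        "kernel.sin": b"K" * 64,
        "system.sin": b"S" * 63 + b"X",   # one byte differs
        "extra.bin": b"?",                # not in the reference
    })
    for name, meta in inventory_ftf(downloaded).items():
        kind = "SIN" if meta["is_sin"] else "other"
        print(f"{name:12} {kind:5} {meta['size']:4}  {meta['sha256'][:16]}")
    print(diff_against_manifest(inventory_ftf(downloaded), manifest))
```

This is a host-side comparison between two copies of an archive; the check the guide attributes to S1 happens on the device and is independent of it.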
As it concerns the recovery, I think you can create a partition with EMMA.
Sent from Greece
kos25k said:
As it concerns the recovery, I think you can create a partition with EMMA.
Sent from Greece
Please, re-read the first part...
Can I root my iPhone 6 with this guide?
That was a bad joke.
Very useful guide. We should probably educate people around here about what an unlocked bootloader actually means and what it let us do. I'm shocked by the number of people using Kingroot and other risky closed-sourced tools, especially the ones with an unlocked bootloader.
People of earth, if your bootloader is unlocked, it means that your device will be much like a Nexus device when it comes to rooting, sans the recovery partition, so that's why we flash or hotboot a custom kernel with a recovery, by using fastboot. If you're afraid of a terminal and commands, then you can use a tool like QuickIMG. After that, you simply flash SuperSU. That's it!
You can add something about TA Partition and RIC server. :3
Good thread btw
Yenkazu said:
You can add something about TA Partition and RIC server. :3
Good thread btw
I'd say, give me a piece of text on the subject for the OP and I'll include it :good:
[NUT] said:
I'd say, give me a piece of text on the subject for the OP and I'll include it :good:
RIC, from your thread :3
http://forum.xda-developers.com/xpe...b-definitive-root-remount-reboot-fix-t2317432
But, it's kinda useless if people already use your DualRec, since it's already integrated xD
But more info didn't hurt (?)
TA Partition
http://forum.xda-developers.com/xperia-z/help/ta-partition-t2451186
Not really details, but user should know the impact of unlocking bootloader
Updated the OP to include info on the TA partition and RIC protection. Also included a part of the post by @Klaos3000, because it contained some useful info
Thanks guys :highfive:
Very useful! :good: But for me 2-3 weeks too late. I'm still quite new on Z3C and I collect all this info the old style.
Without this thread you would need days to catch all dependencies - With this you would need approx. 10 min!
Very helpful and good to link new users to...
And yes - I came from the Sammy side (of the moon) and was a bit shocked what Sony did with "open source android".
Not because of SystemUI ( I love it...) but because of all this "anti modding" stuff they build in.
Sticky? Sure - must be!
Updated the OP to include info on Hard-bricks, Soft-bricks and bootloops.
Please people, if you have anything to add to the OP, let me know!
As I said, I know a lot, but I can't know everything there is to know about Sony devices...
Good work (...as usual from your side) :good:
Very useful tutorial.
No need to write long explanations to Sony beginners anymore - just add a link from here.
Really Helpful
Brilliant..... Really it deserves a place at (Sticky Threads). I think if you add minimum one custom kernel (for stock firmware) of every device... That would be very helpful to recover from soft bricks. Then this thread will be an "ALL IN 1" thread. It's my opinion after all... Brilliant work.
Need a little advice.
Hi,
I have a ZL with Locked bootloader and your ZL-lockeddualrecovery2.8.22 installed
I am on stock 5.0.2 now Rooted thanks to your awesome recovery.
Question is now I have your dual recovery would I be able to simply flash crDroid CM zip Thread Here and others like it or would I still need to unlock the bootloader Edit OP of ROM says it is required
So if I flashed the above would it replace your recovery with the boot.img in the zip
Sorry for the noob questions but I am new to Sony devices and still taking baby steps with this phone
I can unlock the bootloader no problem but I am more concerned about your recovery being replaced.
Thanks in advance :good:
bigrammy said:
Hi,
I have a ZL with Locked bootloader and your ZL-lockeddualrecovery2.8.22 installed
I am on stock 5.0.2 now Rooted thanks to your awesome recovery.
Question is now I have your dual recovery would I be able to simply flash crDroid CM zip Thread Here and others like it or would I still need to unlock the bootloader Edit OP of ROM says it is required
So if I flashed the above would it replace your recovery with the boot.img in the zip
Sorry for the noob questions but I am new to Sony devices and still taking baby steps with this phone
I can unlock the bootloader no problem but I am more concerned about your recovery being replaced.
Thanks in advance :good:
As long as your phone is locked, you can only flash stock ROMs and stock kernels.
You also have to use the recovery for stock ROMs, because your kernel is "untouchable" and the recovery has to be put in the /data and /system partitions and can't be put in the kernel.
All other ROMs/kernels will end in errors while flashing.
If you have unlocked your BL, you can flash any ROM and kernel you want, as long as your phone supports it.
Yes, by flashing a zip, your kernel will be replaced and in most cases they have a recovery in it.
When flashing a ROM from another version or changing from stock-based ROMs to e.g. CM ROMs or Omni and vice versa, you have to unpack the kernel (boot.img) by hand and flash it (fastboot) first, before you flash (after a reboot into recovery) the whole zip.
Otherwise it could end in a bootloop.
Because /system and /data are (in most cases) wiped during installation, your stock recovery will be deleted too. This depends on how the installer in the zip file works.
Btw... before unlocking your phone, back up your TA (with FlashTool). This TA is unique and you may use it to lock your phone again later.
And... if your phone is unlocked - no fear of losing recovery. You can always flash another one with fastboot again.
Someone correct me if I was wrong or forgot something.
@bigrammy, you can always try to repack the CM kernel using my kernel builder, that way you will still have XZDualRecovery but then included in the boot image, so no risk of losing it...
akkufix said:
As long as your phone is locked, you can only flash stock ROMs and stock kernels.
You also have to use the recovery for stock ROMs, because your kernel is "untouchable" and the recovery has to be put in the /data and /system partitions and can't be put in the kernel.
All other ROMs/kernels will end in errors while flashing.
If you have unlocked your BL, you can flash any ROM and kernel you want, as long as your phone supports it.
Yes, by flashing a zip, your kernel will be replaced and in most cases they have a recovery in it.
When flashing a ROM from another version or changing from stock-based ROMs to e.g. CM ROMs or Omni and vice versa, you have to unpack the kernel (boot.img) by hand and flash it (fastboot) first, before you flash (after a reboot into recovery) the whole zip.
Otherwise it could end in a bootloop.
Because /system and /data are (in most cases) wiped during installation, your stock recovery will be deleted too. This depends on how the installer in the zip file works.
Btw... before unlocking your phone, back up your TA (with FlashTool). This TA is unique and you may use it to lock your phone again later.
And... if your phone is unlocked - no fear of losing recovery. You can always flash another one with fastboot again.
Someone correct me if I was wrong or forgot something.
Thanks yet again bro :highfive:
Wow these Sony Xperia's take some figuring out :laugh:
I think I have just about got my head around it all now
I have managed to get the TA backed up with TWRP and Flashtool so I should be safe now
I will have to unlock the bootloader just to stop it nagging me to upgrade :laugh:
@Nut Thanks bro I will take a look at your suggestion it's a little more complicated than what I am used to or should I say different.
bigrammy said:
[...]
@Nut Thanks bro I will take a look at your suggestion it's a little more complicated than what I am used to or should I say different.
Well, I saw HTC M7 in your signature. If you were able to unlock, S-OFF, re-flash firmware and root this beast - you don't need to have any fear about a Sony device.
[NUT] said:
@bigrammy, you can always try to repack the CM kernel using my kernel builder, that way you will still have XZDualRecovery but then included in the boot image, so no risk of losing it...
Hi @Nut,
I thought I would take your advice and expected to download a tool to unpack everything and pick through the files and start editing init.rc etc etc :silly:
I had no idea this was a fully automated Online tool
I still can't quite believe it you're a genius!! :angel:
A BIG THANKS to All the Xperia dev's helpful community members and especially the tool creators XZDualRecovery, Flashtool, XperiFirm and PRFCreator etc you're all Awesome :highfive:
I fear I will become lazy with such great dev's :laugh:
bigrammy said:
Hi @Nut,
I thought I would take your advice and expected to download a tool to unpack everything and pick through the files and start editing init.rc etc etc :silly:
I had no idea this was a fully automated Online tool
I still can't quite believe it you're a genius!! :angel:
A BIG THANKS to All the Xperia dev's helpful community members and especially the tool creators XZDualRecovery, Flashtool, XperiFirm and PRFCreator etc you're all Awesome :highfive:
I fear I will become lazy with such great dev's :laugh:
Thanks, glad to have been of help to you

Help me to twrp/root/xposed/kernel my XC

Hi,
I'll receive my XC this week, and I'd like to root it.
I don't want a custom ROM, but just a stock one with xposed and remove some bloatwares.
Here are my needs:
keep DRM
latest stock rom
twrp
untouched system partition
easy OTA
XC Genesis kernel
xposed + module
Do you think it possible to achieve such a configuration?
How-to?
Thanks
EDIT: I'll update this post to make it a how-to for future users with the same questions.
Assuming you're unable to unlock your BL the steps are as follows...
Flash back to 198.
Backup your TA.
Unlock your BL
Update to 311
Extract kernel - ftf/sin/elf
Run elf through Rootkernel_v5.23 - (In cmd prompt window - rootkernel kernel.elf boot.img)
Create DK ftf with Rootkernel_v5.23 (In cmd prompt window - flash_dk TA-19022017.img DK.ftf)
Flash new boot.img
Flash TWRP.img
Flash Super User zip
Flash DK.ftf with Flashtool 9.22
...and that should be it.
Latest stock Rom + xposed will not be possible...
mika91 said:
Hi,
I'll receive my XC this week, and I'd like to root it.
I don't want a custom ROM, but just a stock one with xposed and remove some bloatwares.
Here are my needs:
keep DRM
latest stock rom
twrp
untouched system partition
easy OTA
XC Genesis kernel
xposed + module
Do you think it possible to achieve such a configuration?
How-to?
Thanks
EDIT: I'll update this post to make it a how-to for future users with the same questions.
Forget about OTA when rooted...
I thought that using Xposed leaves the system partition untouched, so OTA updates are possible...
mika91 said:
I thought that using Xposed leaves the system partition untouched, so OTA updates are possible...
OTA is not possible once the bootloader is unlocked. Whether the system partition is touched or not plays no role.
ok.
So if I want to root the XC, I have to unlock the bootloader, lose DRM and OTA?
How is the camera quality without the drm keys?
Thanks
mika91 said:
ok.
So if I want to root the XC, I have to unlock the bootloader, lose DRM and OTA?
See my post to get a rooted stock with DRM.
mika91 said:
ok.
So if I want to root the XC, I have to unlock the bootloader, lose DRM and OTA?
How is the camera quality without the drm keys?
Thanks
You HAVE to unlock. There is NO root on LOCKED bootloader.
Unlocking bootloader deletes TA partition, containing DRM keys. You should BACKUP your TA partition BEFORE unlocking using DirtyCow Backup tool from Sony Cross Devices forum.
After unlocking, you can either flash kernel that supports DRM patching either by using fake DRM libraries, or your real DRM keys, either flashed in alternative location (see RootKernel tool in Z5 forums, works on almost all modern Xperias) or PoC TA tool from Sony Cross devices, that mounts your TA backup as TA partition, therefore your phone looks as having DRM keys and locked.
XperienceD said:
Assuming you're unable to unlock your BL the steps are as follows...
Flash back to 198.
Backup your TA.
Unlock your BL
Update to 311
Extract kernel - ftf/sin/elf
Run elf through Rootkernel_v5.23 - (In cmd prompt window - rootkernel kernel.elf boot.img)
Create DK ftf with Rootkernel_v5.23 (In cmd prompt window - flash_dk TA-19022017.img DK.ftf)
Flash new boot.img
Flash TWRP.img
Flash Super User zip
Flash DK.ftf with Flashtool 9.22
...and that should be it.
Would you mind detailing those steps a bit more, especially the first 2? I'm coming from a really old phone so I'm still a bit lost. (Where can I learn about ftf/sin/elf?)
How can we flash back to 198? Flashing doesn't require an unlocked BL, which to be achieved deletes your TA?
I'm on a brand new X Compact, 7.0 (34.2.A.0.292), security patch 01/01/17.
I managed to get Flashtool, adb/fastboot and Universal TA Backup v2 on my PC but no dice on TA backup yet.
fredsky2 said:
Would you mind detailing those steps a bit more, especially the first 2? I'm coming from a really old phone so I'm still a bit lost. (Where can I learn about ftf/sin/elf?)
Sure. You don't really need to learn about that stuff but it is handy to know, you'll pick stuff up along the way. They are basically firmware files.
fredsky2 said:
How can we flash back to 198? Flashing doesn't require an unlocked BL, which to be achieved deletes your TA?
Open the flashtool and run Xperifirm (icon with XI) on it, then browse to the XC, then click on F5321 and it will load up the different regions and available firmware. If you click on "check all" it will then show which FW is available to download, Central Europe 5 still shows as 198, so you need to select it on the right of the screen under the picture of the phone, it will then download and it's simply a matter of following the instructions to flash it.
fredsky2 said:
I'm on a brand new X Compact, 7.0 (34.2.A.0.292), security patch 01/01/17.
I managed to get Flashtool, adb/fastboot and Universal TA Backup v2 on my PC but no dice on TA backup yet.
When you get 198 on your phone then you'll be able to back up your TA. If you get stuck give us a shout.
XperienceD said:
Sure. You don't really need to learn about that stuff but it is handy to know, you'll pick stuff up along the way. They are basically firmware files.
Open the flashtool and run Xperifirm (icon with XI) on it, then browse to the XC, then click on F5321 and it will load up the different regions and available firmware. If you click on "check all" it will then show which FW is available to download, Central Europe 5 still shows as 198, so you need to select it on the right of the screen under the picture of the phone, it will then download and it's simply a matter of following the instructions to flash it.
When you get 198 on your phone then you'll be able to back up your TA. If you get stuck give us a shout.
Thank you, I was able to successfully back up my TA earlier yesterday. But now I'm struggling with how to restore it in MM 6.0.1 (34.1.A.1.198).
I've read that I'll need a custom kernel for that (and to get TWRP+supersu+magisk+xposed) but I'm unsure if I should use Genesis (probably unsupported but the only one that says it'll restore MY TA) or Advanced Stock Kernel from Androplus. I've read that messing with TA can hard-brick my phone so I'm trying to be extra careful.
At the moment I'm following ondrejvaroscak's quick recap to make sure everything goes smoothly with my TA keys and then I plan to downgrade to 6.0, install Advanced Stock Kernel, supersu 2.79 and magisk and then pray for the best (without reflashing my own DK.ftf?)
fredsky2 said:
Thank you, I was able to successfully back up my TA earlier yesterday. But now I'm struggling with how to restore it in MM 6.0.1 (34.1.A.1.198).
Download Flashtool 9.22.3 and flash your DK.ftf, flashing with a newer version doesn't work, you should then be able to verify it's worked in the service menu.
fredsky2 said:
I've read that I'll need a custom kernel for that (and to get TWRP+supersu+magisk+xposed) but I'm unsure if I should use Genesis (probably unsupported but the only one that says it'll restore MY TA) or Advanced Stock Kernel from Androplus. I've read that messing with TA can hard-brick my phone so I'm trying to be extra careful.
You can use the RootKernel tool to modify your own kernel, extract the kernel.sin from the ftf with a zip program, then use the flashtool to extract the kernel.elf, Tools-Sin Editor-Extract Data then run it through the RootKernel tool and flash the boot.img it creates, then flash TWRP separately to the recovery partition which will allow you then to flash SuperSU.
SuperSU and BusyBox are the only options I didn't include when creating my kernel. Others will have to help with the other two things you want as I refuse to use them.
XperienceD said:
Download Flashtool 9.22.3 and flash your DK.ftf, flashing with a newer version doesn't work, you should then be able to verify it's worked in the service menu.
You can use the RootKernel tool to modify your own kernel, extract the kernel.sin from the ftf with a zip program, then use the flashtool to extract the kernel.elf, Tools-Sin Editor-Extract Data then run it through the RootKernel tool and flash the boot.img it creates, then flash TWRP separately to the recovery partition which will allow you then to flash SuperSU.
SuperSU and BusyBox are the only options I didn't include when creating my kernel. Others will have to help with the other two things you want as I refuse to use them.
Thanks again. I was worried that the drm-fix from the kernel editing tool could corrupt my TA partition but thankfully I was wrong on that.
I'm now at MM 6.0, original DRM keys, TWRP, xposed, rooted with magisk and I'm almost sure that with busybox. Why do you refuse to use them? Just curious!
Thanks a lot for your help, cheers
fredsky2 said:
Thanks again. I was worried that the drm-fix from the kernel editing tool could corrupt my TA partition but thankfully I was wrong on that.
I flashed a kernel I made with the Rootkernel tool without the drm fix but it showed some mumbo jumbo where it should say ok and provisioned, included the drm fix in the next one and it worked fine then.
fredsky2 said:
I'm now at MM 6.0, original DRM keys, TWRP, xposed, rooted with magisk and I'm almost sure that with busybox. Why do you refuse to use them? Just curious!
Thanks a lot for your help, cheers
You're welcome. I refuse because I prefer to know how to mod apks directly and I found Xposed to be quite buggy. I can see the benefits, it's just not for me.

[Help] DRM KEYS restore

Hi, I lost the DRM keys, build 34.2.A.0.311 kernel genesis v1.04. Is there a mod or method to restore the DRM or at least restore the camera?
dozzo94www said:
Hi, I lost the DRM keys, build 34.2.A.0.311 kernel genesis v1.04. Is there a mod or method to restore the DRM or at least restore the camera?
Did you back up your TA partition before unlocking? You need that for the restore mods to work.
Please help!!!
I had file TA.img, I want to relock ubl and restore drm keys. How to restore DRM KEY, please!
dkkx3a said:
I had file TA.img, I want to relock ubl and restore drm keys. How to restore DRM KEY, please!
Use rootkernel - https://forum.xda-developers.com/showpost.php?p=75505302&postcount=2973 - and put your TA in the rootkernel folder. During the process you will be asked if you want TA-poc, say 'yes'. A new boot img will be created that includes your TA. Flash it with fastboot.
levone1 said:
Use rootkernel - https://forum.xda-developers.com/showpost.php?p=75505302&postcount=2973 - and put your TA in the rootkernel folder. During the process you will be asked if you want TA-poc, say 'yes'. A new boot img will be created that includes your TA. Flash it with fastboot.
Can you be more specific? I'm using android 8.0, unlocked and have a backup TA file, now I want to go back to stock, relock bootloader because of bad music. Can you give step by step instructions (sorry I use google translation).
dkkx3a said:
Can you be more specific? I'm using android 8.0, unlocked and have a backup TA file, now I want to go back to stock, relock bootloader because of bad music. Can you give step by step instructions (sorry I use google translation).
Download rootkernel for xc, extract it to some directory, copy your ta file there, (named 'TA.img'), copy stock kernel.elf file there, open command prompt there, type 'rootkernel kernel.elf boot.img', answer all questions, flash new boot img.
Use TA_PoC from munjeni and the rootkernel for Oreo.

Flashing a Marshmallow kernel to a phone with Nougat ROM possible?

Is it safe to flash an Android 6 kernel to a phone with an Android 7 OS to downgrade so I can use the dirty cow exploit or will this brick my device?
I want to backup my DRM keys before rooting or unlocking bootloader. My phone is running firmware 34.3.A.0.194 (Android 7.1.1). I want to downgrade it to 34.1.A.1.198 (Android 6.0.1) so I can use this method https://forum.xda-developers.com/crossdevice-dev/sony/universal-dirtycow-based-ta-backup-t3514236 to backup my DRM keys first. I've created a 34.1.A.1.198 kernel but am not sure if I can just flash it to a firmware that is not Marshmallow.
Nope.
obviously not!
Thanks for your answers. I suspected as much.
Is there any other method of backing up the DRM keys? Or is it even necessary? Are DRM keys included in firmwares downloaded with Xperifirm?
If so I could just flash a Marshmallow firmware, backup the DRM keys and root, right?
If not, is there a way of rooting Nougat?
razzledazzle83 said:
Thanks for your answers. I suspected as much.
Is there any other method of backing up the DRM keys? Or is it even necessary? Are DRM keys included in firmwares downloaded with Xperifirm?
If so I could just flash a Marshmallow firmware, backup the DRM keys and root, right?
If not, is there a way of rooting Nougat?
If you don't care about DRM rights then it isn't essential, simply unlock your bootloader, mod and flash your own kernel using one of the two available tools, flash a Superuser zip and that's you rooted regardless of FW.
You only get one set of DRM keys and if you don't back them up there is no way at all to recover them so consider the warnings about loss of camera quality etc before going ahead with the unlock process.
And again I suspected as much. So the DRM keys are not included in the firmwares delivered.
Is there any method as of now to backup Nougat DRM keys?
I've only found methods for Marshmallow but not for Nougat.
If I flash a Marshmallow stock ROM will I keep the DRM keys or will they be gone?
razzledazzle83 said:
Is there any method as of now to backup Nougat DRM keys?
I've only found methods for Marshmallow but not for Nougat.
If I flash a Marshmallow stock ROM will I keep the DRM keys or will they be gone?
There isn't, no. If you don't unlock you can flash as many stock ROMs as you like without affecting them, but you will have to mod your kernel every time you flash a new FW if you have unlocked to restore DRM features.
So if I want to have a rooted phone I have to run Marshmallow?
But I could flash a Marshmallow firmware and backup the DRM keys, right?
razzledazzle83 said:
So if I want to have a rooted phone I have to run Marshmallow?
But I could flash a Marshmallow firmware and backup the DRM keys, right?
sure
Ok, thanks.
Flashed MM fw and backed up DRM keys. Worked like a charm.
Thanks for all the help guys.

Some questions regarding flashing the stock firmware

Hello, so basically I was on the June update of my Moto G4 Plus, build NPJS25.93-14-8, software channel reteu, model XT1642 when I decided to unlock my bootloader and flash RR. Now I want to go back to the stock firmware for several reasons, but I have some questions about flashing it. I know how to flash it through fastboot, but I have some other questions.
1. What are the risks if I flash it?
2. Can I just restore my twrp backup for the fully stock rom, flash the stock recovery and update to the last build through ota? will that work?
3. Will there appear other problems I have to worry about?
4. Can I just flash the June patch through fastboot so that I don't have to flash the updated modems, fsg, bootloader, etc. but instead update them through ota after flashing the stock firmware? Or will that cause bugs?
Thanks for the help and please don't throw hate at me, the last device that I had with Android had Android 4.4 and a MediaTek chipset, then I switched to Windows Mobile till last year.
1) As long as you flash the same or newer stock firmware as the latest on your device, you should be okay.
As of writing, if you flash the June 2017, Sept 2017 or Dec 2017 stock firmwares (NPJS25.93-14-8, NPJS25.93-14-10 or NPJS25.93-14-13 respectively) then you shouldn't run into issues and be okay to take OTA updates provided you do a full flash. By a full flash, I mean flashing GPT, bootloader, system, OEM, DSP, modem and the erase steps. If you're flashing the NPJS25.93-14-8 firmware, flashing the same firmware should do nothing to your GPT, bootloader or modem, but is a good routine to ensure your device is clean.
As you're switching from RR to stock firmware, a data wipe/erase is recommended - you may be able to use Titanium Backup or another backup app to preserve your app data, then restore it after flashing the stock ROM (though ensure the backup is off your device). You will have to root your stock ROM to use Titanium Backup however.
The risks come when you flash stock firmware of an older patch level than the stock firmware currently on your device (custom ROMs do not matter in this regard) - strictly speaking, it's not the act of downgrading but attempting to take OTA updates whilst downgraded that causes hard bricks. In most cases, if not all, I've noted that a mismatch of the bootloader patch level and the system patch level are what cause issues for most users. You cannot downgrade bootloaders, so downgrading leads to the following situation:
Say you're on the June 2017 firmware:
June 2017 bootloader, June 2017 system (or RR).
You downgrade to Marshmallow or an earlier build of Nougat (say in this case Dec 2016 Nougat firmware):
June 2017 bootloader (bootloader will block downgrades with a security downgrade error), December 2016 firmware.
You try to take an OTA update. However, OTA updates are only designed for updating, and appear to assume (from looking at the script) your system patch level is the same as your bootloader. If you did not downgrade, this assumption would hold. However, as you've downgraded, you'll get this:
March/June 2017 bootloader *, March 2017 system.
Due to the OTA having authorisation to flash to your bootloader without prior checks, the older OTA corrupts your newer bootloader (as denoted by the *), leading to a hard brick. We do have a blankflash at the moment to help with this, though the easiest way to avoid this situation is to only flash firmware of the same or newer build than what is on your device. Motorola does not support downgrading and assumes the user takes responsibility for downgrading.
2) In theory yes. However, if TWRP was allowed to make modifications before you took the backup, the subsequent OTA might fail as your system partition would be detected as not read-only. Furthermore, you'd need a stock logo.bin, so if you've flashed a logo.bin to hide the bootloader unlocked warning, you'd have to pull that from the NPJS25.93-14-8 stock ROM. TWRP to my knowledge does not back that up.
3) As long as you take your time, and have not downgraded/hard bricked in the past, you should be okay. Ensure you back up as much data with Titanium Backup as previously mentioned, and ensure that you do a full flash, so your GPT, bootloader and system are at the same patch level. As mentioned previously, having your device on the same patch level should mean you have fewer issues with OTAs and stability.
4) I'm not sure what you mean by the June patch, do you mean the June OTA update, or do you mean the June stock ROM?
echo92 said:
1) As long as you flash the same or newer stock firmware as the latest on your device, you should be okay.
As of writing, if you flash the June 2017, Sept 2017 or Dec 2017 stock firmwares (NPJS25.93-14-8, NPJS25.93-14-10 or NPJS25.93-14-13 respectively) then you shouldn't run into issues and be okay to take OTA updates provided you do a full flash. By a full flash, I mean flashing GPT, bootloader, system, OEM, DSP, modem and the erase steps. If you're flashing the NPJS25.93-14-8 firmware, flashing the same firmware should do nothing to your GPT, bootloader or modem, but is a good routine to ensure your device is clean.
As you're switching from RR to stock firmware, a data wipe/erase is recommended - you may be able to use Titanium Backup or another backup app to preserve your app data, then restore it after flashing the stock ROM (though ensure the backup is off your device). You will have to root your stock ROM to use Titanium Backup however.
The risks come when you flash stock firmware of an older patch level than the stock firmware currently on your device (custom ROMs do not matter in this regard) - strictly speaking, it's not the act of downgrading but attempting to take OTA updates whilst downgraded that causes hard bricks. In most cases, if not all, I've noted that a mismatch of the bootloader patch level and the system patch level are what cause issues for most users. You cannot downgrade bootloaders, so downgrading leads to the following situation:
Say you're on the June 2017 firmware:
June 2017 bootloader, June 2017 system (or RR).
You downgrade to Marshmallow or an earlier build of Nougat (say in this case Dec 2016 Nougat firmware):
June 2017 bootloader (bootloader will block downgrades with a security downgrade error), December 2016 firmware.
You try to take an OTA update. However, OTA updates are only designed for updating, and appear to assume (from looking at the script) your system patch level is the same as your bootloader. If you did not downgrade, this assumption would hold. However, as you've downgraded, you'll get this:
March/June 2017 bootloader *, March 2017 system.
Due to the OTA having authorisation to flash to your bootloader without prior checks, the older OTA corrupts your newer bootloader (as denoted by the *), leading to a hard brick. We do have a blankflash at the moment to help with this, though the easiest way to avoid this situation is to only flash firmware of the same or newer build than what is on your device. Motorola does not support downgrading and assumes the user takes responsibility for downgrading.
2) In theory yes. However, if TWRP was allowed to make modifications before you took the backup, the subsequent OTA might fail as your system partition would be detected as not read-only. Furthermore, you'd need a stock logo.bin, so if you've flashed a logo.bin to hide the bootloader unlocked warning, you'd have to pull that from the NPJS25.93-14-8 stock ROM. TWRP to my knowledge does not back that up.
3) As long as you take your time, and have not downgraded/hard bricked in the past, you should be okay. Ensure you back up as much data with Titanium Backup as previously mentioned, and ensure that you do a full flash, so your GPT, bootloader and system are at the same patch level. As mentioned previously, having your device on the same patch level should mean you have fewer issues with OTAs and stability.
4) I'm not sure what you mean by the June patch, do you mean the June OTA update, or do you mean the June stock ROM?
Thanks for taking your time and answering my silly questions. 4) I mean the June stock ROM. And I've forgotten...
5) If you relock the bootloader, will you be able to unlock it again? How exactly does this work? The device gets another ID that you use again on the Moto site? Or you unlock it with the key that you used the first time you unlocked?
6) I have seen people that flashed the stock firmware through fastboot without relocking the bootloader and the software status shown in bootloader mode changed from "Official" (like mine) to "Modified" and the phone would show "Your device has failed verification and may not boot properly." instead of the one with the unlocked bootloader. Just like here: https://www.youtube.com/watch?v=4OQQn105Bp8 . Though I have seen that some of these packages on xda are "Signed by Moto". So the problem does not occur when flashing those images?
corlatemanuel said:
Thanks for taking your time and answering my silly questions. 4) I mean the June stock ROM. And I've forgotten...
You have stock backup of current firmware, restore it and check build number in settings >about.
5) If you relock the bootloader, will you be able to unlock it again? How exactly does this work? The device gets another ID that you use again on the Moto site? Or you unlock it with the key that you used the first time you unlocked?
There are no benefits for relocking. If you want to lock you can, and it can be unlocked with same key.
6) I have seen people that flashed the stock firmware through fastboot without relocking the bootloader and the software status shown in bootloader mode changed from "Official" (like mine) to "Modified" and the phone would show "Your device has failed verification and may not boot properly." instead of the one with the unlocked bootloader. Just like here: https://www.youtube.com/watch?v=4OQQn105Bp8 . Though I have seen that some of these packages on xda are "Signed by Moto". So the problem does not occur when flashing those images?
Not true, that Modified status comes when you try to modify stock ROM, for various meaning, say installing mods in system (not in case of systemless), or if you try to remove/add apps to system/oem, when you change something in stock ROM, then you will get modified status. (Modification in custom ROM will not change it, only stock ROM does.)
So if you have official status right now, you don't need to worry about it.
Otherwise, to remove modified status,
You need to take OTA, (which can be dangerous as echo92 told you above.),
Bootloader relocking is not necessary to remove Modified, you can still take OTA and it will work.
> Flash June's patch (if you are 100% sure about current firmware)
> take OTA of September
Taking OTA makes it again official. (There was no update for bootloader in September patch, if not official again, December will make it.)
____Mdd said:
You have stock backup of current firmware, restore it and check build number in settings >about.
There are no benefits for relocking. If you want to lock you can, and it can be unlocked with same key.
Not true, that Modified status comes when you try to modify stock ROM, for various meaning, say installing mods in system (not in case of systemless), or if you try to remove/add apps to system/oem, when you change something in stock ROM, then you will get modified status. (Modification in custom ROM will not change it, only stock ROM does.)
So if you have official status right now, you don't need to worry about it.
Otherwise, to remove modified status,
You need to take OTA, (which can be dangerous as echo92 told you above.),
Bootloader relocking is not necessary to remove Modified, you can still take OTA and it will work.
> Flash June's patch (if you are 100% sure about current firmware)
> take OTA of September
Taking OTA makes it again official. (There was no update for bootloader in September patch, if not official again, December will make it.)
Ok then, since I'm 100% sure that I was on NPJS5.93-14-8 I'll flash that firmware, but where exactly do I find the one that I need? Doesn't the region matter? I'm on XT1642, in Europe, on the software channel reteu. So which one package do I use? I found 2 of them on AFH from tywinlannister7. And also, quite many people flashed the wrong modem and got into trouble, from what I've seen on xda. So any precautions I should take in that matter?
P.S. I don't want to flash the December patch since it updates the bootloader and there is no blankflash for that version yet... Also can't find the September one.
corlatemanuel said:
Ok then, since I'm 100% sure that I was on NPJS5.93-14-8 I'll flash that firmware, but where exactly do I find the one that I need? Doesn't the region matter? I'm on XT1642, in Europe, on the software channel reteu. So which one package do I use? I found 2 of them on AFH from tywinlannister7. And also, quite many people flashed the wrong modem and got into trouble, from what I've seen on xda. So any precautions I should take in that matter?
P.S. I don't want to flash the December patch since it updates the bootloader and there is no blankflash for that version yet... Also can't find the September one.
One by tywinlennister7, it is fine and confirmed working on different retails, (retin, retus, retla, many others.)
I have seen modem and other critical problems when one flashes old firmware (marshmallow roms), those all problems happened when old (MM) firmware is flashed.
You can take backup of all partitions by TWRP (fsg, data, system, boot, firmware, all options in shreps twrp), this all things can be helpful in case if something wrong happens, internal memory will be wiped so move them to external... Then flash....
About December, it's your wish to update or not.
If you are worried about blank-flash, then let me remind you again, you will need blank-flash only if you downgrade and take OTA. When you update to December's patch update, remove all older firmware on your computer and keep December's firmware zip only. If you need to flash stock, flash it, not other old..
List of Nougat firmware:
NPJS25.93-14-8 (June 2017) : https://androidfilehost.com/?fid=889764386195918175
This build appears to be targeted towards India, Brazil, EU and UK users, other territories may apply. This updates to NPJS25.93-14-10 (Sept 2017):
https://drive.google.com/file/d/0B9tngVBGIajVQkQtLUUxR2NOTnc/edit
NPJS25.93-14-13 is the December 2017 update from NPJS25.93-14-10: https://androidfilehost.com/?fid=745849072291698845
As ____Mdd has mentioned, the blankflash is only useful if you hard brick your device, and even then that usually only happens if you go flashing older firmware than what's on your device and then take an OTA update. If you don't downgrade, then you won't have a use for the blankflash normally.
If you want to be sure you're getting the right updates, you can flash the NPJS25.93-14-8 stock ROM, which should leave your device on the same patch level (if it was previously on NPJS25.93-14-8 and you're certain about that), then let the OTA updates download the correct patch. As your device firmware should all be on the same patch level, OTA updates should be okay. Bear in mind you may not receive the December 2017 OTA yet, as I've only seen it deployed to India/Mexico so far. It should be coming to EU soon if it's not arrived.
____Mdd said:
You can take backup of all partitions by TWRP (fsg, data, system, boot, firmware, all options in shreps twrp), this all things can be helpful in case if something wrong happens, internal memory will be wiped so move them to external... Then flash....
Ok, I was busy this week but I'm back with just a couple more questions:
Which partitions should I back up with the Partition Backup app and with TWRP? What format should I choose for the Partition Backup app?
Can I lock the bootloader after flashing and booting the stock ROM or do I have to do it while flashing?
I have restored my TWRP backup for NPJS5.93-14-8 and rooted it for the backup app. Is there any other helpful information about my device that I should share with you?
What should I install on my PC? I currently have mfastboot-v2 on my C:\ drive in the adb folder, should I install the Minimal ADB and Fastboot as I have seen people using it for the stock ROM flash? Also, do I need to install any drivers in particular?
echo92 said:
2)In theory yes. However, if TWRP was allowed to make modifications before you took the backup, the subsequent OTA might fail as your system partition would be detected as not read-only. Furthermore, you'd need a stock logo.bin, so if you've flashed a logo.bin to hide the bootloader unlocked warning, you'd have to pull that from the NPJS25.93-14-8 stock ROM. TWRP to my knowledge does not back that up.
So If I use this guide and relock the bootloader would I be okay? https://forum.xda-developers.com/moto-g4-plus/how-to/guide-sucsessfull-ota-update-rooting-t3472658
Also, relocking wipes Data and Internal Storage, right?
corlatemanuel said:
Ok, I was busy this week but I'm back with just a couple more questions:
Which partitions should I back up with the Partition Backup app and with TWRP? What format should I choose for the Partition Backup app?
Can I lock the bootloader after flashing and booting the stock ROM or do I have to do it while flashing?
I have restored my TWRP backup for NPJS5.93-14-8 and rooted it for the backup app. Is there any other helpful information about my device that I should share with you?
What should I install on my PC? I currently have mfastboot-v2 on my C:\ drive in the adb folder, should I install the Minimal ADB and Fastboot as I have seen people using it for the stock ROM flash? Also, do I need to install any drivers in particular?
So If I use this guide and relock the bootloader would I be okay? https://forum.xda-developers.com/moto-g4-plus/how-to/guide-sucsessfull-ota-update-rooting-t3472658
Also, relocking wipes Data and Internal Storage, right?
1) If you want to make a backup, I would make a backup with the standard TWRP partitions selected (should be all of them but without cache). I've not used the Partition Backup app so cannot comment as to which formats to use, but standard formats for system and cache should be ext4, and data as f2fs.
2) Generally if you want to lock your bootloader, you should flash the stock ROM first, then boot to the stock ROM. In Settings > Developer Options, you will want to turn on OEM unlocking. Then, you can re-lock your bootloader with a full flash of all the commands. For more info and things to be aware of, have a look at this post: https://forum.xda-developers.com/showpost.php?p=74971791&postcount=497 Be aware that if you choose to lock your bootloader, you may not be able to use backups of data you made as TWRP and backup apps may require an unlocked bootloader. Anything you kept on internal storage should be transferable back to your device though.
Re-locking likely wipes data and internal storage, so ensure you back up and keep the backups off your device - on your computer is the best location - until you are done. Also, be warned that any SD cards you have formatted and adopted as internal storage will be unreadable and need erasing, unless you retain the encryption key. So if you have an adopted SD card, back that up too.
3) I would install Minimal ADB and fastboot (v1.4.2 or newer) as most of the newer guides are based on fastboot rather than mfastboot (which is Motorola's version of fastboot, if I recall). You may wish to have the Motorola device drivers installed too - https://motorola-global-portal.custhelp.com/app/answers/prod_detail/a_id/79106/p/30,75,27,
4) That guide is quite old, plus only restores your device back to a state where OTA updates would be possible (i.e. flashing stock recovery, system, OEM). That guide you linked will not re-lock your bootloader. If you want the commands to re-lock your device bootloader, this guide should help: https://forum.xda-developers.com/moto-g4-plus/how-to/stock-rom-npjs25-93-14-4-march-1-t3608138 Again, heed the warnings I note in the above link.
echo92 said:
1) If you want to make a backup, I would make a backup with the standard TWRP partitions selected (should be all of them but without cache). I've not used the Partition Backup app so cannot comment as to which formats to use, but standard formats for system and cache should be ext4, and data as f2fs.
2) Generally if you want to lock your bootloader, you should flash the stock ROM first, then boot to the stock ROM. In Settings > Developer Options, you will want to turn on OEM unlocking. Then, you can re-lock your bootloader with a full flash of all the commands. For more info and things to be aware of, have a look at this post: https://forum.xda-developers.com/showpost.php?p=74971791&postcount=497 Be aware that if you choose to lock your bootloader, you may not be able to use backups of data you made as TWRP and backup apps may require an unlocked bootloader. Anything you kept on internal storage should be transferable back to your device though.
Re-locking likely wipes data and internal storage, so ensure you back up and keep the backups off your device - on your computer is the best location - until you are done. Also, be warned that any SD cards you have formatted and adopted as internal storage will be unreadable and need erasing, unless you retain the encryption key. So if you have an adopted SD card, back that up too.
3) I would install Minimal ADB and fastboot (v1.4.2 or newer) as most of the newer guides are based on fastboot rather than mfastboot (which is Motorola's version of fastboot, if I recall). You may wish to have the Motorola device drivers installed too - https://motorola-global-portal.custhelp.com/app/answers/prod_detail/a_id/79106/p/30,75,27,
4) That guide is quite old, plus only restores your device back to a state where OTA updates would be possible (i.e. flashing stock recovery, system, OEM). That guide you linked will not re-lock your bootloader. If you want the commands to re-lock your device bootloader, this guide should help: https://forum.xda-developers.com/moto-g4-plus/how-to/stock-rom-npjs25-93-14-4-march-1-t3608138 Again, heed the warnings I note in the above link.
So shreps' twrp can also backup the modems? I am on the 64-bit twrp from lannister7 (too lazy to check his name) and it doesn't show the modems in "Backup", it only shows firmware, fsg, hw and all the other stuff. And also, I have to flash the firmware twice if I want to lock the bootloader? I can imagine some really bad situations if you flash it with the OEM lock command included, some sh*t happens, you get an error and the device gets bricked whilst also being locked, and not being able to unlock it because of the "OEM Unlocking" option not being accessible, since the device would be bricked. So if I understand correctly, the OEM lock begin and OEM lock commands fully wipe the device, even the system, causing the need to flash everything again? Or the OEM lock commands require you to flash the stock ROM again because of safety issues?
corlatemanuel said:
So shreps' twrp can also backup the modems? I am on the 64-bit twrp from lannister7 (too lazy to check his name) and it doesn't show the modems in "Backup", it only shows firmware, fsg, hw and all the other stuff. And also, I have to flash the firmware twice if I want to lock the bootloader? I can imagine some really bad situations if you flash it with the OEM lock command included, some sh*t happens, you get an error and the device gets bricked whilst also being locked, and not being able to unlock it because of the "OEM Unlocking" option not being accessible, since the device would be bricked. So if I understand correctly, the OEM lock begin and OEM lock commands fully wipe the device, even the system, causing the need to flash everything again? Or the OEM lock commands require you to flash the stock ROM again because of safety issues?
Don't think shrep's TWRP backs up the modem, only the FSG partition (which appears to be half of the modem/baseband function). Modems are provided in the stock firmware anyhow.
Yes, you have to flash the firmware first (without OEM locking commands), then enable OEM unlocking in Settings>Developer Options, as I mentioned in the other post I wrote. Else, you may not be able to re-lock your bootloader. With OEM unlocking enabled, if a flash failed, you may still be able to unlock your bootloader and flash a custom ROM. Hence, this way gives you a way out, as you have OEM unlocking enabled, hence I recommend that you flash twice. After enabling OEM unlocking, then you flash fully with the OEM locking commands included.
Again, this is why I always say have plenty of time and do not rush this process, as this is critical to your device properly functioning, and to read up as much as you can on the pros and cons of the process.
The two OEM lock begin commands at the beginning of the locking command list will erase your device. Entering the first of those commands will prompt you and alert you to the fact your device is going to be erased. It only erases your data and likely your internal storage/cache, it should not erase any other partitions as they are usually not user modifiable.
If you are certain that your device is fully stock and at the same patch level, then you can use the OEM lock begin commands and OEM lock commands to lock your bootloader. However, if any of your device firmwares is not on the same patch level as your bootloader, you will likely have a boot failure as the firmware fails the bootloader verification checks (as the bootloader expects only firmware of the same patch level). Hence, I strongly recommend to re-flash the firmware to ensure you have clean stock firmware with matching patch levels.
Again, this process of re-locking your bootloader will mean no TWRP (no backups) or root or Titanium Backup.
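The two-pass ordering described in the post above can be checked on a command list before anything is sent to the phone. This is an added example, not part of the original thread: the function names are hypothetical, the sample lists are constructed, and it assumes the lock list has exactly two `fastboot oem lock begin` lines before any flash and one `fastboot oem lock` after the last flash.

```bash
#!/usr/bin/env bash
# Added example: lint a fastboot command list (read from stdin) before use.
# Prints: plain     - no lock commands (first pass, bootloader stays unlocked)
#         lock      - two "oem lock begin" first, one "oem lock" after all flashes
#         malformed - lock commands present but wrong count or position
classify_flash_list() {
  awk '
    { sub(/\r$/, "") }                  # tolerate Windows line endings
    /^[ \t]*(#|$)/ { next }             # skip comments and blank lines
    { n++ }
    /fastboot[ \t]+oem[ \t]+lock[ \t]+begin[ \t]*$/ { begin++; if (flash) bad = 1; next }
    /fastboot[ \t]+oem[ \t]+lock[ \t]*$/ { lock++; lock_at = n; next }
    /fastboot[ \t]+flash[ \t]/ { flash++; last_flash = n }
    END {
      if (begin == 0 && lock == 0) { print "plain"; exit }
      if (begin == 2 && lock == 1 && !bad && flash > 0 && lock_at > last_flash) { print "lock"; exit }
      print "malformed"
    }'
}

# Gate from the post: a lock list may run only once OEM unlocking is enabled
# in Developer Options. $1 = "yes" if it is (operator-supplied); list on stdin.
may_run() {
  kind=$(classify_flash_list)
  case "$kind" in
    plain) return 0 ;;
    lock)  [ "$1" = "yes" ] ;;
    *)     return 1 ;;
  esac
}

# Constructed sample lists (partition and file names are illustrative).
PASS1='fastboot flash boot boot.img
fastboot flash modem NON-HLOS.bin
fastboot flash fsg fsg.mbn'
PASS2="fastboot oem lock begin
fastboot oem lock begin
$PASS1
fastboot oem lock"
BAD="$PASS1
fastboot oem lock begin
fastboot oem lock"

for list in "$PASS1" "$PASS2" "$BAD"; do
  printf '%s\n' "$list" | classify_flash_list
done
```
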
echo92 said:
Don't think shrep's TWRP backs up the modem, only the FSG partition (which appears to be half of the modem/baseband function). Modems are provided in the stock firmware anyhow.
Yes, you have to flash the firmware first (without OEM locking commands), then enable OEM unlocking in Settings>Developer Options, as I mentioned in the other post I wrote. Else, you may not be able to re-lock your bootloader. With OEM unlocking enabled, if a flash failed, you may still be able to unlock your bootloader and flash a custom ROM. Hence, this way gives you a way out, as you have OEM unlocking enabled, hence I recommend that you flash twice. After enabling OEM unlocking, then you flash fully with the OEM locking commands included.
Again, this is why I always say have plenty of time and do not rush this process, as this is critical to your device properly functioning, and to read up as much as you can on the pros and cons of the process.
The two OEM lock begin commands at the beginning of the locking command list will erase your device. Entering the first of those commands will prompt you and alert you to the fact your device is going to be erased. It only erases your data and likely your internal storage/cache, it should not erase any other partitions as they are usually not user modifiable.
If you are certain that your device is fully stock and at the same patch level, then you can use the OEM lock begin commands and OEM lock commands to lock your bootloader. However, if any of your device firmwares is not on the same patch level as your bootloader, you will likely have a boot failure as the firmware fails the bootloader verification checks (as the bootloader expects only firmware of the same patch level). Hence, I strongly recommend to re-flash the firmware to ensure you have clean stock firmware with matching patch levels.
Again, this process of re-locking your bootloader will mean no TWRP (no backups) or root or Titanium Backup.
Well, how can I back up the modem, modemst1 and modemst2 partitions then? That app that I mentioned doesn't work, it doesn't back up anything, and the shreps TWRP doesn't include modem backup. Need help ASAP, everything else is ready except for the backup.
P.S. I'm really tired of my G4 Plus having the icon of a keyboard in This PC
Edit: I'm dumb, just realised that the FSG IS the modemst1 and modemst2, right?
corlatemanuel said:
Well, how can I back up the modem, modemst1 and modemst2 partitions then? That app that I mentioned doesn't work, it doesn't back up anything, and the shreps TWRP doesn't include modem backup. Need help ASAP, everything else is ready except for the backup.
P.S. I'm really tired of my G4 Plus having the icon of a keyboard in This PC
Edit: I'm dumb, just realised that the FSG IS the modemst1 and modemst2, right?
Let me clarify my recent post about backing up the modem.
All the issues I have seen related to corrupted modems and HW partitions happened when someone tried to flash older firmwares, those being Marshmallow firmwares.
Till then, I have never seen any modem or corrupted HW partition while flashing the latest firmwares.
Just make sure your downloaded firmware is the latest or the same as you have right now.
corlatemanuel said:
Well, how can I back up the modem, modemst1 and modemst2 partitions then? That app that I mentioned doesn't work, it doesn't back up anything, and the shreps TWRP doesn't include modem backup. Need help ASAP, everything else is ready except for the backup.
P.S. I'm really tired of my G4 Plus having the icon of a keyboard in This PC
Edit: I'm dumb, just realised that the FSG IS the modemst1 and modemst2, right?
As ____Mdd has mentioned, a backup of the modem is only required if you've flashed the wrong firmware at some point (due to the different variants of stock firmware). You've given us no indication of that.
modemst1 and modemst2 are, as I understand it, caches and temporary storage of details that are normally wiped during a stock ROM flash, and are then re-filled when the device reboots. FSG is different to modemst1 and modemst2 I think, being one part of the modem/baseband firmware.
As we've both mentioned, modem and FSG are both provided by the stock ROM (as NON-HLOS.bin and fsg.mbn).
I have made it! I've flashed the stock rom without any problem or error!
I want to thank you all because I wouldn't have been able to flash this without your help! I have also locked the bootloader, then I updated to September update and, shortly afterwards, to December update. Now, if I will ever flash custom ROMs again (which has a high probability) I will know how to restore to the stock ROM. So thanks, and I will leave the thread open if anyone will have the need of assistance with this process, or maybe I will have other questions in the future! So, for the third time, thanks for your valuable help guys!
